POS devices read the magnetic stripe on the back of a card that contains account information, which is then transmitted for payment processing.The POS systems that are connected to the Internet could fall prey to cyber attacks particularly for small businesses. This is all according to Trustwave's global Security report of 2011:
Although there are rules for security controls that developers should use for the devices, such as the Payment Application Data Security standard (PA-DSS), Trustwave said that "these controls are rarely implemented properly."
Further, many small businesses rely on third-party integrators to support the POS devices. But those integrators often have poor security practices. In 87 percent of the breach cases it studied, the integrators make mistakes such as using default credentials in operating systems or with remote access systems, Trustwave said.